Add SAML provider search to UsersFinder

cfa3e79e · Jackie Fraser · Mayra Cabrera · d70ea657 · cfa3e79e · cfa3e79e
Commit cfa3e79e authored Jul 20, 2021 by Jackie Fraser Committed by Mayra Cabrera Jul 20, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 33 additions and 2 deletions

ee/app/finders/ee/users_finder.rb ee/app/finders/ee/users_finder.rb +9 -1

ee/spec/finders/users_finder_spec.rb ee/spec/finders/users_finder_spec.rb +24 -1

No files found.
--- a/ee/app/finders/ee/users_finder.rb
+++ b/ee/app/finders/ee/users_finder.rb
@@ -6,7 +6,8 @@ module EE

    override :execute
    def execute
-      by_non_ldap(super)
+      users = by_non_ldap(super)
+      by_saml_provider_id(users)
    end

    def by_non_ldap(users)
@@ -14,5 +15,12 @@ module EE

      users.non_ldap
    end
+
+    def by_saml_provider_id(users)
+      saml_provider_id = params[:by_saml_provider_id]
+      return users unless saml_provider_id
+
+      users.limit_to_saml_provider(saml_provider_id)
+    end
  end
 end
--- a/ee/spec/finders/users_finder_spec.rb
+++ b/ee/spec/finders/users_finder_spec.rb
@@ -8,7 +8,7 @@ RSpec.describe UsersFinder do

    context 'with a normal user' do
      context 'with LDAP users' do
-        let!(:ldap_user) { create(:omniauth_user, provider: 'ldap') }
+        let_it_be(:ldap_user) { create(:omniauth_user, provider: 'ldap') }

        it 'returns ldap users by default' do
          users = described_class.new(normal_user).execute
@@ -22,6 +22,29 @@ RSpec.describe UsersFinder do
          expect(users).to contain_exactly(normal_user, blocked_user, omniauth_user, external_user, internal_user, admin_user)
        end
      end
+
+      context 'with SAML users' do
+        let_it_be(:group) { create(:group) }
+        let_it_be(:saml_provider) { create(:saml_provider, group: group, enabled: true, enforced_sso: true) }
+        let_it_be(:saml_user) { create(:user) }
+        let_it_be(:non_saml_user) { create(:user) }
+
+        before do
+          create(:identity, provider: 'group_saml1', saml_provider_id: saml_provider.id, user: saml_user)
+        end
+
+        it 'returns all users by default' do
+          users = described_class.new(normal_user).execute
+
+          expect(users).to contain_exactly(normal_user, blocked_user, omniauth_user, external_user, internal_user, admin_user, saml_user, non_saml_user)
+        end
+
+        it 'returns only saml users from the provided saml_provider_id' do
+          users = described_class.new(normal_user, by_saml_provider_id: saml_provider.id).execute
+
+          expect(users).to contain_exactly(saml_user)
+        end
+      end
    end
  end
 end